package com.yyl.fmall.user.shiro;

import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.spring.web.config.DefaultShiroFilterChainDefinition;
import org.apache.shiro.spring.web.config.ShiroFilterChainDefinition;
import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.util.HashMap;

/**
 * @BelongsProject: rbacs
 * @BelongsPackage: com.yyl.rbacs.shiro
 * @Author: YuanSir
 * @CreateTime: 2022-10-28  09:08
 * @Description:
 * @Version: 1.0
 */


@Configuration
public class ShiroConfig {
    
    @Bean
    public ShiroFilterChainDefinition shiroFilterChainDefinition(){
        
        DefaultShiroFilterChainDefinition chainDefinition = new DefaultShiroFilterChainDefinition();
        
        HashMap<String, String> map = new HashMap<>();
    
        //配置直接放行的请求url
        map.put("/user/login", "anon");
        map.put("/register.html", "anon");
        map.put("/user/register", "anon");
        map.put("/swagger-resources/**", "anon");
        map.put("/swagger-ui.html", "anon");
        map.put("/doc.html", "anon");
        map.put("/webjars/**", "anon");
        map.put("/v2/api-docs", "anon");
        map.put("/csrf", "anon");
        map.put("/captcha.jpg", "anon");
    
        //2.需要登陆后才可以放行的请求url
//        map.put("/**", "authc");
    
        chainDefinition.addPathDefinitions(map);
        
        return chainDefinition;
        
    }
    
    
    @Bean
    public Realm customRealm(){
    
        HashedCredentialsMatcher shaCredentialsMatcher = new HashedCredentialsMatcher();
        shaCredentialsMatcher.setHashAlgorithmName(ShiroConstants.HASH_ALGORITHM_NAME);
        shaCredentialsMatcher.setHashIterations(ShiroConstants.HASH_ITERATIONS);
        CustomRealm customRealm = new CustomRealm();
        customRealm.setCredentialsMatcher(shaCredentialsMatcher);
        return customRealm;
    
    }
    
    
    /**
     * 该配置，解决了引入aop依赖后，加了@RequiresPermissions注解的controller失效的问题
     *
     * 如果不加，会出现把controller的对应url当静态资源处理的问题，404
     * @return
     */
//    @Bean
//    public DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator() {
//        DefaultAdvisorAutoProxyCreator creator = new DefaultAdvisorAutoProxyCreator();
//        creator.setProxyTargetClass(true);
//        return creator;
//    }
    
}
